0
votes

While connecting to the edge gateway from simulated device code, I am facing a connection timeout with the exceptions below:

    'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientException' in Microsoft.Azure.Devices.Client.dll
    Exception thrown: 'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientException' in mscorlib.dll
    Exception thrown: 'System.AggregateException' in Microsoft.Azure.Devices.Client.dll
    Exception thrown: 'System.AggregateException' in mscorlib.dll
    'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientException' in Microsoft.Azure.Devices.Client.dll
    Exception thrown: 'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientException' in mscorlib.dll
    Exception thrown: 'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientTransientException' in Microsoft.Azure.Devices.Client.dll
    Exception thrown: 'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientTransientException' in mscorlib.dll
    Exception thrown: 'Microsoft.Azure.Devices.Client.Exceptions.IotHubClientTransientException' in Microsoft.Azure.Devices.Client.dll

I am adding the ConnectionString in the correct format and have also included the GatewayHostName configured from https://docs.microsoft.com/en-us/azure/iot-edge/how-to-create-transparent-gateway

1
I am able to ping the edge-hostname I have configured, and I appended it to the device connection string as "GatewayHostName". I have also opened outbound 8883 from my IoT device simulator laptop. The Edge gateway machine also has inbound open for ports 8883 and 1883. - kalyan kumar
Unable to generate identity for clientId myFirstDevice and username mygateway.gateway.com/myFirstDevice/api-version=2017-06-30&DeviceClientType=Microsoft.Azure.Devices.Client%2F1.6.0%20%28.NET%20Framework%204.7.2600.0%3B%20Microsoft%20Windows%2010.0.16299%3B%20X86%29%20HappyPath_Simulated-CSharp 2018-01-16 03:58:18.929 +05:30 [INF] - ClientNotAuthenticated, Client ID: myFirstDevice; Username: mygateway.gateway.com/myFirstDevice/api-version=2017-06-30&DeviceClientType=Microsoft.Azure.Devices.Client - kalyan kumar
The above is the log from "edgeHub" running on my Windows desktop, while the IoT device code is trying to connect from a Windows 10 laptop. - kalyan kumar
That error indicates that the authentication done by the Edge Hub to IoT Hub on behalf of the device failed. Are you able to directly connect to IoT Hub from the device if you drop the GatewayHostName property on the connection string? - Raj
@Raj Yes, I am able to connect to IoT Hub if I drop GatewayHostName. - kalyan kumar

1 Answer

0
votes

The article "Create an IoT Edge device that acts as a transparent gateway - preview" does work fine. The key to making it work is to set up the right certificates.

The following scenario is for when both the client and the edge are on the same machine.

  1. Following that doc, I got the following cert files: [image]

Please note I used New-CACertsEdgeDevice myEdgeDevice to create the device certificate.

  2. Then run the following command to set up the edge runtime.

    iotedgectl setup --connection-string "HostName=jierong-iothub.azure-devices.net;DeviceId=jierong-iotedge-device1;SharedAccessKey=XXXXXXX" --edge-hostname localhost --device-ca-cert-file myEdgeDevice-public.pem --device-ca-chain-cert-file myEdgeDevice-all.pem --device-ca-private-key-file myEdgeDevice-private.pem --owner-ca-cert-file RootCA.pem

  3. Then run iotedgectl start to start the runtime, and run docker ps to check everything is good.

  4. Remove all your installed certificates and install the myEdgeDevice.pfx file directly by double-clicking it. After that, you can see the following certs in your cert manager: [image]

  5. Then construct your device connection string like the following; if you are using localhost, don't use the machine name, like below:

    private const string DeviceConnectionString = "HostName=jierong-iothub.azure-devices.net;DeviceId=jierong-iothub-device;SharedAccessKey=XXXXXXXX;GatewayHostName=localhost";

I modified the app cloned from the following:

    git clone https://github.com/Azure-Samples/iot-hub-dotnet-simulated-device-client-app.git

I can run the app successfully.

It is similar when the edge server and client are on two different Win 10 machines, but you should install the cert first, for example by writing the following code:

[image]

If it's still not working, do check whether you are running into any certificate validation issues. This is how it works:

  1. The Edge runtime in the docker container will send the left (device certificate) during the TLS handshake.
  2. The client (Win 10 machine in this case) will have to validate this certificate. To validate it as trusted, it will have to look at the issuer of this certificate, go up the chain, and see if this issuer is in the Trusted Root CA.

Please note that IoT Edge is still in Preview mode, so some things may not be fleshed out. If you still get some issues, I suggest you create a support ticket to do further troubleshooting.

Thanks, Jie
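
The chain check described in the answer can be observed from the client machine with a small diagnostic. This is an added example, not code from the original answer or from the Azure SDK; it assumes the gateway accepts MQTT over TLS on port 8883 and that the argument is the same value used for GatewayHostName.

```csharp
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

// Added diagnostic (assumptions: TLS on port 8883, host == GatewayHostName value).
static class GatewayTlsCheck
{
    static int Main(string[] args)
    {
        string host = args.Length > 0 ? args[0] : "localhost";
        const int port = 8883;

        using (var tcp = new TcpClient(host, port))
        using (var tls = new SslStream(tcp.GetStream(), false, Report))
        {
            try
            {
                // Validates the chain and that the certificate name matches 'host'.
                tls.AuthenticateAsClient(host);
                Console.WriteLine("TLS handshake succeeded; the chain is trusted.");
                return 0;
            }
            catch (AuthenticationException ex)
            {
                Console.WriteLine("TLS handshake failed: " + ex.Message);
                return 1;
            }
        }
    }

    // Prints what the gateway presented and why Windows does or does not trust it.
    // Returns the platform's own verdict; validation is never bypassed.
    static bool Report(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        if (cert == null || chain == null) return false;
        Console.WriteLine("Presented subject: " + cert.Subject);
        Console.WriteLine("Presented issuer : " + cert.Issuer);
        Console.WriteLine("Policy errors    : " + errors);
        foreach (X509ChainElement element in chain.ChainElements)
            Console.WriteLine("  chain element: " + element.Certificate.Subject);
        foreach (X509ChainStatus status in chain.ChainStatus)
            Console.WriteLine("  chain status : " + status.Status + " - " + status.StatusInformation.Trim());
        return errors == SslPolicyErrors.None;
    }
}
```

A policy error of RemoteCertificateChainErrors with chain status UntrustedRoot means the root CA is not in the client's Trusted Root store; RemoteCertificateNameMismatch means the host name used does not match the name in the certificate the gateway presents.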